// internal/util/crypto.go
package util

import (
	"crypto/rand"
	"encoding/hex"
	"io"
)

// GenerateRandomKey 生成随机密钥
func GenerateRandomKey(length int) (string, error) {
	bytes := make([]byte, length)
	if _, err := io.ReadFull(rand.Reader, bytes); err != nil {
		return "", err
	}
	return hex.EncodeToString(bytes), nil
}

// GenerateAPIKey 生成API密钥
func GenerateAPIKey() (string, error) {
	return GenerateRandomKey(32)
}

// internal/util/file.go
package util

import (
	"crypto/sha256"
	"encoding/hex"
	"io"
	"mime"
	"os"
	"path/filepath"
	"strings"
)

// GetFileHash 计算文件SHA256哈希
func GetFileHash(filePath string) (string, error) {
	file, err := os.Open(filePath)
	if err != nil {
		return "", err
	}
	defer file.Close()

	hash := sha256.New()
	if _, err := io.Copy(hash, file); err != nil {
		return "", err
	}

	return hex.EncodeToString(hash.Sum(nil)), nil
}

// GetMimeType 获取文件的MIME类型
func GetMimeType(filePath string) (string, error) {
	file, err := os.Open(filePath)
	if err != nil {
		return "", err
	}
	defer file.Close()

	// 读取前512字节用于检测MIME类型
	buffer := make([]byte, 512)
	_, err = file.Read(buffer)
	if err != nil && err != io.EOF {
		return "", err
	}

	mimeType := http.DetectContentType(buffer)
	return mimeType, nil
}

// SafeFileName 生成安全的文件名
func SafeFileName(originalName string) string {
	// 移除路径信息
	name := filepath.Base(originalName)
	
	// 替换不安全的字符
	replacer := strings.NewReplacer(
		"..", "",
		"/", "_",
		"\\", "_",
		":", "_",
		"*", "_",
		"?", "_",
		"\"", "_",
		"<", "_",
		">", "_",
		"|", "_",
	)
	
	name = replacer.Replace(name)
	
	// 限制文件名长度
	if len(name) > 255 {
		ext := filepath.Ext(name)
		name = name[:255-len(ext)] + ext
	}
	
	return name
}

// IsHiddenFile 检查是否为隐藏文件
func IsHiddenFile(name string) bool {
	return strings.HasPrefix(filepath.Base(name), ".")
}

// internal/util/validator.go
package util

import (
	"regexp"
	"strings"
	"unicode"
)

// ValidateUsername 验证用户名
func ValidateUsername(username string) bool {
	if len(username) < 3 || len(username) > 50 {
		return false
	}
	
	// 只允许字母、数字、下划线和连字符
	matched, _ := regexp.MatchString("^[a-zA-Z0-9_-]+$", username)
	return matched
}

// ValidatePassword 验证密码强度
func ValidatePassword(password string) bool {
	if len(password) < 6 {
		return false
	}
	
	var hasUpper, hasLower, hasNumber bool
	for _, char := range password {
		switch {
		case unicode.IsUpper(char):
			hasUpper = true
		case unicode.IsLower(char):
			hasLower = true
		case unicode.IsDigit(char):
			hasNumber = true
		}
	}
	
	return hasUpper && hasLower && hasNumber
}

// ValidateEmail 验证邮箱格式
func ValidateEmail(email string) bool {
	pattern := `^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$`
	matched, _ := regexp.MatchString(pattern, email)
	return matched
}

// SanitizeInput 清理用户输入
func SanitizeInput(input string) string {
	input = strings.TrimSpace(input)
	
	// 移除潜在的危险字符
	replacer := strings.NewReplacer(
		"<", "&lt;",
		">", "&gt;",
		"\"", "&quot;",
		"'", "&#39;",
		"&", "&amp;",
		";", "",
		"(", "",
		")", "",
	)
	
	return replacer.Replace(input)
}